Initial Disclosure Date: Sep 26, 2013
As the number of APTs against the Japanese government and major companies, the Ministry of Internal Affairs and Communications (MIC) hosted the first cyber exercise to enhance the cyber defense capabilities of LAN administrators who work for ministries and major companies. The first Cyber Defense Exercise with Recurrence or CYDER was conducted between September 25th and 26th, 2013, using LAN for thousands of users. The MIC plans to have five more exercises by the end of March 2014, which is the end of Japanese Fiscal Year 2013. (footnote:1) The ministry wants to continue to conduct exercises until the end of JFY 2017 and invite government-affiliated agencies and private companies in the future. (footnote:2)
Hitachi, NEC, and NTT Communications supported the first exercise as MIC contractors. 25 Information System Administrators participated in the exercise from five ministries including the MIC, Ministry of Defense, and Ministry of Justice. National Institute of Information and Communications Technology’s Hokuriku StarBED Technology Center provided a few thousands of computers. The exercise scenario entails the infection of a few computers that connected to the LAN by a phishing email with malware attachment. Security Operation Centers contracted by the ministries detected C&C communications. On Day 1, participants listened to a lecture in the morning and implemented a simulation to monitor and analyze cyber-attacks in the afternoon after checking their simulation environment. If a participant was not able to respond properly, NEC contractors provided advice on the spot. On Day 2, the participants had some group work and presented their lessons learned. (footnote:3)
Sources:
日立システムズは、システムのコンサルティングから構築、導入、運用、そして保守まで、ITライフサイクルの全領域をカバーした真のワンストップサービスを提供します。